Professional Documents
Culture Documents
Fernandez
Vulnerabilities are presented through the exchange of data across http https and http https . These are exploited using https stripping attacks, transparently hijacking http traffic on a network, watching for https links and redirects to map those links into look-alike http links.
SSLSTRIP tool do just exactly that and can be deployed through man in the middle attack on a wireless network using iptables, arpspoof. It can also be deployed on the Tor Network if you configure your computer as a relay exit node in port 80.
REQUIREMENT
I assume you are using a GNU/LINUX OS or Mac OSX SSLSTRIP: main tool for our stripping attack IPTABLE : to match our target traffic and redirect it to sslstrip ARPSPOOF: used in wireless network to make our computer look like router Tor as relay: to apply the concept once we enter another network
References